2011年2月6日星期日

HOWTO: Encrypted directory with EncFS

This guide describes how to create encrypted directories. These can come in handy for laptop users, password lists and the like.1. Install the software

Code:

sudo apt-get install encfs fuse-utilssudo modprobe fuse

And since we don't want to modprobe each time we reboot, add "fuse" to /etc/modules (without quotes, on a line of its own)

2. Add yourself to the fuse groupThe installer creates a fuse group and to use fusermount you need to be in this group. You can do this with your favourite GUI admin tool or command line:

Code:

sudo adduser fuse

3. Create a directory where your encrypted stuff will be storedI put mine in my home dir, but you can put it anywhere you like.

Code:

mkdir ~/encrypted

4. Create a mountpointThis is the directory where you will mount the encrypted directory. Through this path you can access the encrypted files.

Code:

mkdir ~/temp_encr

5. Create the encrypted system and mount itThe first time you try to mount the directory, encfs will create the encrypted filesystem. It works like the regular mount:

Code:

encfs

So for this example:

Code:

encfs /home//encrypted /home//temp_encr

Note that encfs wants absolute paths, i.e. starting with a /

6. Do the workPut some files in your ~/temp_encr folder and look in the ~/encrypted one: they will show up there, encrypted.

7. Unmount the encrypted filesystemUnmounting is as easy as

Code:

fusermount -u /home//temp_encr

8. Goto step 5Repeat! EncFS will only create the filesystem once, after that first time it will ask for a password and mount your directory.

Remember to keep the two directories apart: in this example the "encrypted" folder holds your encrypted data and should not be used directly. The gateway to access this data is "temp_encr" or whatever you want to call it.